From 89883b8c453400fec956bbbe95129dd9a611d4ab Mon Sep 17 00:00:00 2001
From: Sean McArthur <sean.monstar@gmail.com>
Date: Mon, 10 Sep 2012 13:18:55 -0700
Subject: [PATCH] remove _.template usage

_.template uses new Function, which means evalling code
evalling code is bad. so now we don't do it.
---
 resources/static/pages/js/manage_account.js | 19 +++++++++++--------
 resources/views/index.ejs                   |  4 ++--
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/resources/static/pages/js/manage_account.js b/resources/static/pages/js/manage_account.js
index c6f85634a..d1b35a5c4 100644
--- a/resources/static/pages/js/manage_account.js
+++ b/resources/static/pages/js/manage_account.js
@@ -79,16 +79,19 @@ BrowserID.manageAccount = (function() {
 
     dom.setInner(list, "");
 
-    // Set up to use mustache style templating, the normal Django style blows
-    // up the node templates
-    _.templateSettings = {
-        interpolate : /\{\{(.+?)\}\}/g
-    };
-    var template = dom.getInner("#templateUser");
+    function substitute(text, values, re) {
+      re = re || /\{\{([^\{\}]+)\}\}/g;
+      return String(text).replace(re, function(m, name) {
+        return (values[name] != null) ? values[name] : '';
+      });
+    }
+
+    var template = $("#templateUser").html();
 
     _(emails).each(function(item) {
-      var e = item.address,
-          identity = _.template(template, { email: e });
+      var e = item.address;
+      var id = e.replace('@', '_').replace('.', '_', 'g');
+      var identity = substitute(template, { email: e, id: id });
 
       var idEl = dom.appendTo(identity, list),
           deleteButton = dom.getDescendentElements(".delete", idEl);
diff --git a/resources/views/index.ejs b/resources/views/index.ejs
index 600183a56..b4d6f2b65 100644
--- a/resources/views/index.ejs
+++ b/resources/views/index.ejs
@@ -25,8 +25,8 @@
   -->
 
   <script type="text/html" id="templateUser">
-    <li class="identity cf" id="{{ email.replace('@', '_').replace('.', '_') }}">
-      <div class="email">{{ email }}</div>
+    <li class="identity cf" id="{{id}}">
+      <div class="email">{{email}}</div>
       <button class="delete"><%- gettext('remove') %></button>
     </li>
   </script>
-- 
GitLab